Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: 2JWW/tmym+AcNX3d/dVMK/oof6biEiO7EVwB2Iy3SjU=
Subject key identifier: 37:B8:5C:5C:DD:EE:EE:18:46:DE:42:16:35:AC:BA:A8:10:AB:87:78
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E557451366C943A1C28647C54B9EC941A45B22C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Sun 01 Mar 2026 00:00:38 +0000
ROA not before: Sun 01 Mar 2026 00:00:38 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:55:74:51:36:6c:94:3a:1c:28:64:7c:54:b9:ec:94:1a:45:b2:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 1 00:00:38 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=d9d71d85ddf3c7116d0b669dc3910c7914d63d9c0b456981306fe4b8948d696b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:16:89:e8:89:12:b4:94:07:24:7b:f5:b4:a9:
2a:4e:20:d1:20:3d:e0:5d:1d:04:ca:89:b1:29:e3:
59:13:26:a5:95:7b:97:73:ba:95:50:b2:01:a7:79:
cc:ba:00:f7:2d:71:97:6b:d2:c4:29:96:09:c1:59:
34:2a:7b:83:5d:90:9f:98:75:ef:32:f7:ee:71:97:
1d:ec:9f:c2:ae:0a:bb:27:0b:e3:57:e9:09:fc:b5:
51:35:c9:7e:62:f7:6f:e7:bf:58:2d:03:5c:ef:3b:
ad:2d:c6:2c:2c:0c:01:11:ea:12:25:c1:66:5c:e8:
88:3a:90:f6:b3:bb:e9:62:4d:fa:0f:fa:cc:11:cd:
2d:b7:20:2b:3e:28:40:9d:f8:a7:ba:53:50:59:2b:
b7:bd:55:74:ff:53:d5:8a:18:db:42:86:48:59:e0:
dd:4c:b3:1b:83:f0:7d:cb:86:fc:ad:08:34:99:3e:
49:58:b6:c8:e7:9c:8d:09:0e:fe:4b:ac:d5:a5:e5:
9f:b4:6a:12:d1:17:db:90:b3:4a:72:7f:45:c8:cb:
8d:8b:a6:06:78:74:c3:76:f3:ed:f5:36:80:bc:c9:
39:2c:b8:99:91:80:95:d9:6f:b7:c3:40:b0:ca:a5:
c5:2f:93:d1:52:19:8e:55:a3:7e:21:1f:61:61:66:
d8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B8:5C:5C:DD:EE:EE:18:46:DE:42:16:35:AC:BA:A8:10:AB:87:78
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
98:b1:08:6c:01:b6:18:28:18:a8:e1:a7:48:05:74:05:20:41:
50:3d:16:a4:98:9a:c6:ca:3f:fd:14:c0:ec:0a:57:da:89:61:
99:9b:dc:10:d3:62:af:4f:5e:0a:20:96:79:1f:47:4a:6e:54:
18:24:c5:6c:5b:1b:a0:a2:e9:27:fc:6d:df:dc:e4:29:8c:35:
40:e8:32:fd:ba:e5:bc:a4:fe:63:df:4e:4f:5c:41:90:64:56:
64:50:f2:0c:3c:91:e9:08:d9:b1:2e:93:0e:b1:ba:ee:12:18:
19:ca:79:bd:ad:3f:62:72:a7:3a:17:e3:91:51:bc:33:ad:af:
06:a1:fd:ec:88:2a:9e:b3:5a:6a:8b:43:6f:76:05:a8:cb:90:
f5:2e:35:cc:8b:43:ac:58:b8:3a:d6:6d:72:21:d8:5a:8f:bd:
ef:2d:dd:ab:ff:67:c6:0e:b0:a0:73:8a:5d:98:f9:22:6e:ec:
fc:c7:03:a4:cb:56:a8:ca:e0:88:15:b5:e9:af:16:08:24:62:
de:63:c4:d8:ea:3b:88:9d:7d:ad:09:35:65:00:3d:ab:58:25:
1a:8f:09:3d:39:59:fd:8d:d3:80:75:62:ef:f5:03:b7:0b:2e:
47:85:72:58:85:f3:2b:3b:71:ca:1e:c3:13:84:c0:49:94:4e:
2d:c9:e3:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUblV0UTZslDocKGR8VLnslBpFsiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAzMDEwMDAwMzhaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5ZDcxZDg1ZGRmM2M3MTE2ZDBiNjY5ZGMzOTEwYzc5MTRkNjNkOWMwYjQ1
Njk4MTMwNmZlNGI4OTQ4ZDY5NmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO0WieiJErSUByR79bSpKk4g0SA94F0dBMqJsSnjWRMmpZV7l3O6lVCyAad5
zLoA9y1xl2vSxCmWCcFZNCp7g12Qn5h17zL37nGXHeyfwq4KuycL41fpCfy1UTXJ
fmL3b+e/WC0DXO87rS3GLCwMARHqEiXBZlzoiDqQ9rO76WJN+g/6zBHNLbcgKz4o
QJ34p7pTUFkrt71VdP9T1YoY20KGSFng3UyzG4PwfcuG/K0INJk+SVi2yOecjQkO
/kus1aXln7RqEtEX25CzSnJ/RcjLjYumBnh0w3bz7fU2gLzJOSy4mZGAldlvt8NA
sMqlxS+T0VIZjlWjfiEfYWFm2AcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ3uFxc
3e7uGEbeQhY1rLqoEKuHeDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAmLEIbAG2GCgYqOGnSAV0BSBBUD0WpJiaxso//RTA
7ApX2olhmZvcENNir09eCiCWeR9HSm5UGCTFbFsboKLpJ/xt39zkKYw1QOgy/brl
vKT+Y99OT1xBkGRWZFDyDDyR6QjZsS6TDrG67hIYGcp5va0/YnKnOhfjkVG8M62v
BqH97IgqnrNaaotDb3YFqMuQ9S41zItDrFi4OtZtciHYWo+97y3dq/9nxg6woHOK
XZj5Im7s/McDpMtWqMrgiBW16a8WCCRi3mPE2Oo7iJ19rQk1ZQA9q1glGo8JPTlZ
/Y3TgHVi7/UDtwsuR4VyWIXzKztxyh7DE4TASZROLcnjVQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:16:02 2026 by rpki-client